
Access Lists on WLC

nitsg.gupta
Level 1

Hi All,

I have configured a WLC for guest users and internal users.

I have created 2 normal WLANs and 2 different interfaces with all the information like IP address scheme, gateway and DHCP address.

One is INTERNAL and the other one is GUESTS.

INTERNAL WLAN is mapped to the Internal interface, whose configuration is as follows:

VLAN ID : 2
ip add : 192.168.10.177
subnet : 255.255.255.0
gateway: 192.168.10.10
dhcp add : 192.168.10.190

GUEST WLAN is mapped to the GUEST interface, whose configuration is as follows:

VLAN ID : 23
ip add : 192.168.23.2
subnet : 255.255.255.0
gateway: 192.168.23.1
dhcp add : 192.168.10.77

Now I'm getting 2 SSIDs when I search for wireless networks.

I can connect to the intranet and the internet by using any of the SSIDs.

SOUNDS GOOD

Currently I can access 192.168.10.0 and 192.168.23.0 and the Internet too because of inter-VLAN routing, but now if I join the GUEST SSID I want to restrict intranet (192.168.10.0) access except for 192.168.10.5 (network printer IP address).

I have configured 1 access list and applied it to the GUEST interface.

The access list has the following statements:

1 permit 192.168.23.0/24 192.168.10.5/32 any any any(outbound/inbound/any)
2 deny 192.168.23.0/24 192.168.10.0/24 any any any(outbound/inbound/any)
3 permit 0.0.0.0/0 0.0.0.0/0 any any any(outbound/inbound/any)

By using these statements I can access the INTERNET and cannot reach the intranet network. That's good.

But I am not able to access the network printer (I don't know why).

One more problem is that if I mention a specific network in the statement it is not working: as I mentioned 0.0.0.0 in the last statement it's working, but if I set it as 192.168.23.0/24 0.0.0.0/0 it won't work.

1 Reply

andrewswanson
Level 7

ACLs on a WLC are not stateful - have a look at the document:

http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a00807810d1.shtml

It states:

"If either the source or destination are not any, then the direction of the filter must be specified, and an inverse statement in the opposite direction must be created."

To allow access to your printer try:

permit 192.168.23.0/24 192.168.10.5/32 any any inbound
permit 192.168.10.5/32 192.168.23.0/24 any any outbound

hth

andy
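A simplified model of a stateless, first-match ACL like the guest ACL discussed in this thread, as an added example (not Cisco's code and not either poster's configuration). It assumes "inbound" means from the wireless client toward the wired side and "outbound" the reverse, and the client, printer and web server addresses are constructed; it shows why each direction of a flow needs its own statement, including the Internet return traffic the original poster saw fail.

```python
# Simplified model of a stateless WLC-style ACL (added example, not Cisco code).
# Direction convention assumed here: "inbound" = wireless client -> wired side,
# "outbound" = wired side -> wireless client.
from ipaddress import ip_address, ip_network
from typing import NamedTuple


class Rule(NamedTuple):
    action: str      # "permit" or "deny"
    src: str         # CIDR; 0.0.0.0/0 means any
    dst: str         # CIDR; 0.0.0.0/0 means any
    direction: str   # "inbound", "outbound" or "any"


class Packet(NamedTuple):
    src: str
    dst: str
    direction: str   # "inbound" or "outbound"


def evaluate(rules: list[Rule], pkt: Packet) -> str:
    """First matching rule wins. The ACL keeps no connection state, so the
    reply packet of a permitted flow is judged on its own; anything that
    matches no rule hits the implicit deny at the end."""
    s, d = ip_address(pkt.src), ip_address(pkt.dst)
    for r in rules:
        if (s in ip_network(r.src) and d in ip_network(r.dst)
                and r.direction in ("any", pkt.direction)):
            return r.action
    return "deny"  # implicit deny


# Guest ACL following the advice in the reply: every non-"any" statement
# gets an inverse statement in the opposite direction.
GUEST_ACL = [
    Rule("permit", "192.168.23.0/24", "192.168.10.5/32", "inbound"),
    Rule("permit", "192.168.10.5/32", "192.168.23.0/24", "outbound"),
    Rule("deny",   "192.168.23.0/24", "192.168.10.0/24", "any"),
    Rule("deny",   "192.168.10.0/24", "192.168.23.0/24", "any"),
    Rule("permit", "192.168.23.0/24", "0.0.0.0/0",       "inbound"),
    # Deliberately missing its inverse: Rule("permit", "0.0.0.0/0", "192.168.23.0/24", "outbound")
]


def demo() -> dict[str, str]:
    client, printer, web = "192.168.23.50", "192.168.10.5", "203.0.113.10"  # constructed addresses
    return {
        "client->printer":  evaluate(GUEST_ACL, Packet(client, printer, "inbound")),
        "printer->client":  evaluate(GUEST_ACL, Packet(printer, client, "outbound")),
        "client->intranet": evaluate(GUEST_ACL, Packet(client, "192.168.10.177", "inbound")),
        "client->web":      evaluate(GUEST_ACL, Packet(client, web, "inbound")),
        "web->client":      evaluate(GUEST_ACL, Packet(web, client, "outbound")),  # denied: no inverse rule
    }


if __name__ == "__main__":
    for flow, verdict in demo().items():
        print(f"{flow:18} {verdict}")
```

The last flow is the one-sided Internet rule from the original post: the request leaves, but without the outbound inverse statement the reply falls through to the implicit deny.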
